/** * Saves changes to an order * * @return void */ public function saveTask() { // Check for request forgeries Request::checkToken(); $statusmsg = ''; $data = array_map('trim', $_POST); $action = isset($data['action']) ? $data['action'] : ''; $id = $data['id'] ? $data['id'] : 0; $cost = intval($data['total']); if ($id) { // initiate extended database class $row = new Order($this->database); $row->load($id); $row->notes = \Hubzero\Utility\Sanitize::clean($data['notes']); $hold = $row->total; $row->total = $cost; // get user bank account $xprofile = User::getInstance($row->uid); $BTL_Q = new Teller($this->database, $xprofile->get('id')); switch ($action) { case 'complete_order': // adjust credit $credit = $BTL_Q->credit_summary(); $adjusted = $credit - $hold; $BTL_Q->credit_adjustment($adjusted); // remove hold $sql = "DELETE FROM `#__users_transactions` WHERE category='store' AND type='hold' AND referenceid='" . $id . "' AND uid=" . intval($row->uid); $this->database->setQuery($sql); if (!$this->database->query()) { throw new Exception($this->database->getErrorMsg(), 500); } // debit account if ($cost > 0) { $BTL_Q->withdraw($cost, Lang::txt('COM_STORE_BANKING_PURCHASE') . ' #' . $id, 'store', $id); } // update order information $row->status_changed = Date::toSql(); $row->status = 1; $statusmsg = Lang::txt('COM_STORE_ORDER') . ' #' . $id . ' ' . Lang::txt('COM_STORE_HAS_BEEN') . ' ' . strtolower(Lang::txt('COM_STORE_COMPLETED')) . '.'; break; case 'cancel_order': // adjust credit $credit = $BTL_Q->credit_summary(); $adjusted = $credit - $hold; $BTL_Q->credit_adjustment($adjusted); // remove hold $sql = "DELETE FROM `#__users_transactions` WHERE category='store' AND type='hold' AND referenceid='" . $id . "' AND uid=" . intval($row->uid); $this->database->setQuery($sql); if (!$this->database->query()) { throw new Exception($this->database->getErrorMsg(), 500); } // update order information $row->status_changed = Date::toSql(); $row->status = 2; $statusmsg = Lang::txt('COM_STORE_ORDER') . ' #' . $id . ' ' . Lang::txt('COM_STORE_HAS_BEEN') . ' ' . strtolower(Lang::txt('COM_STORE_CANCELLED')) . '.'; break; case 'message': $statusmsg = Lang::txt('COM_STORE_MSG_SENT') . '.'; break; default: $statusmsg = Lang::txt('COM_STORE_ORDER_DETAILS_UPDATED') . '.'; break; } // check content if (!$row->check()) { throw new Exception($row->getError(), 500); return; } // store new content if (!$row->store()) { throw new Exception($row->getError(), 500); } // send email if ($action || $data['message']) { if (\Hubzero\Utility\Validate::email($row->email)) { $message = new \Hubzero\Mail\Message(); $message->setSubject(Config::get('sitename') . ' ' . Lang::txt('COM_STORE_EMAIL_UPDATE_SHORT', $id)); $message->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' ' . Lang::txt('COM_STORE_STORE')); // Plain text email $eview = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => '_plain')); $eview->option = $this->_option; $eview->controller = $this->_controller; $eview->orderid = $id; $eview->cost = $cost; $eview->row = $row; $eview->action = $action; $eview->message = \Hubzero\Utility\Sanitize::stripAll($data['message']); $plain = $eview->loadTemplate(false); $plain = str_replace("\n", "\r\n", $plain); $message->addPart($plain, 'text/plain'); // HTML email $eview->setLayout('_html'); $html = $eview->loadTemplate(); $html = str_replace("\n", "\r\n", $html); $message->addPart($html, 'text/html'); // Send e-mail $message->setTo(array($row->email)); $message->send(); } } } App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false), $statusmsg); }